|
255711
|
7.5 |
HIGH
Network
|
ytnef_project
debian
|
ytnef
debian_linux
|
An issue was discovered in ytnef before 1.9.2. There is a potential heap-based buffer over-read on incoming Compressed RTF Streams, related to DecompressRTF() in libytnef.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-6802
|
2024-11-21 12:30 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255712
|
7.5 |
HIGH
Network
|
ytnef_project
debian
|
ytnef
debian_linux
|
An issue was discovered in ytnef before 1.9.2. There is a potential out-of-bounds access with fields of Size 0 in TNEFParse() in libytnef.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-6801
|
2024-11-21 12:30 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255713
|
7.5 |
HIGH
Network
|
ytnef_project
debian
|
ytnef
debian_linux
|
An issue was discovered in ytnef before 1.9.2. An invalid memory access (heap-based buffer over-read) can occur during handling of LONG data types, related to MAPIPrint() in libytnef.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-6800
|
2024-11-21 12:30 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255714
|
6.1 |
MEDIUM
Network
|
mantisbt
|
mantisbt
|
A cross-site scripting (XSS) vulnerability in view_filters_page.php in MantisBT before 2.2.1 allows remote attackers to inject arbitrary JavaScript via the 'view_type' parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2017-6799
|
2024-11-21 12:30 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255715
|
7.8 |
HIGH
Local
|
trendmicro
|
endpoint_sensor
|
Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote attackers to execute arbitrary code, aka Trend Micro Vulnerability Identifier 2015-0208.
|
CWE-426
Untrusted Search Path
|
CVE-2017-6798
|
2024-11-21 12:30 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255716
|
5.5 |
MEDIUM
Local
|
partclone_project
|
partclone
|
partclone.chkimg in partclone 0.2.89 is prone to a heap-based buffer overflow vulnerability due to insufficient validation of the partclone image header. An attacker may be able to launch a 'Denial o…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6596
|
2024-11-21 12:30 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255717
|
6.1 |
MEDIUM
Network
|
mantisbt
|
mantisbt
|
A cross-site scripting (XSS) vulnerability in bug_change_status_page.php in MantisBT before 1.3.7 and 2.x before 2.2.1 allows remote attackers to inject arbitrary JavaScript via the 'action_type' par…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6797
|
2024-11-21 12:30 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255718
|
6.1 |
MEDIUM
Network
|
django-epiceditor_project
|
django-epiceditor
|
There is a cross-site scripting vulnerability in django-epiceditor 0.2.3 via crafted content in a form field.
|
CWE-79
Cross-site Scripting
|
CVE-2017-6591
|
2024-11-21 12:30 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255719
|
6.3 |
MEDIUM
Physics
|
canonical
|
ubuntu_linux
|
An issue was discovered in network-manager-applet (aka network-manager-gnome) in Ubuntu 12.04 LTS, 14.04 LTS, 16.04 LTS, and 16.10. A local attacker could use this issue at the default Ubuntu login s…
|
CWE-863
Incorrect Authorization
|
CVE-2017-6590
|
2024-11-21 12:30 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255720
|
6.1 |
MEDIUM
Network
|
epiceditor_project
|
epiceditor
|
EpicEditor through 0.2.3 has Cross-Site Scripting because of an insecure default marked.js configuration. An example attack vector is a crafted IMG element in an HTML document.
|
CWE-79
Cross-site Scripting
|
CVE-2017-6589
|
2024-11-21 12:30 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
